Privacy information

Responsible for data processing:

Universität Potsdam
represented by the President, Prof. Oliver Günther, Ph.D.
Am Neuen Palais 10
Phone: +49 331 977-0
Fax: +49 331-97 21 63
www.uni-potsdam.de

Data protection commissioner

Dr. Marek Kneis
Am Neuen Palais 10
14469 Potsdam
Phone: +49 331 977-124409
Fax: +49 331 977- 701821
E-Mail: datenschutzuni-potsdamde

Purpose of data processing

This Smartphone-App offers the utilization of centralized IT-services hosted by Potsdam University. Features used inside the app are provided through web services. All data transfer is encrypted via SSL (OpenSSL/1.0.1q). Access of non-public information (personal schedule, personal grades, e-Mails, Moodle.UP, persons register, Reflect.UP) requires authentication via username and passphrase by the user. In order of authentication the user’s mail address, username, first and last name as well as access token will be readout and stored together with the passphrase on the user’s device for the time of the current session. This enables the user to comfortably have access on non-public services. It’s the user’s choice whether he or she will personalize the app via enabling it to use further personal information like his or her field of study.
While using the application the information read back are stored on the user’s device for one day and deleted automatically thereafter. In the course of uninstallation of the app all stored data will be deleted.
For improvement of this service, error reports will be sent and stored for evaluation in anonymized  manner and a UUID will be generated which ensures that no one will be able to determine any identity.

Legal basis of data processing

The legal basis for data processing is Art. 6 paragraph 1 line 1 lit. e GDPR i.V.m. § 14 para. 9 BbgHG.

Duration of data storage

Personal data stored on the user’s device depends on the central university account and is not valid anymore if this account is deleted. Data stored on the device while using the app with a valid up-account will be deleted after the session and not later than one day.

Transmission of data to third parties

A Transmission of your data to third parties does not take place.

Your rights

You have the right to ask us for any information about personal data concerning you. In addition to a copy of the personal data, this right to information also includes the reasons for the processing of your data, data recipients and the duration of storage. Should incorrect personal data be processed, you may require us to correct this information. If the legal requirements of Art. 17 or 18 GDPR are met, you also generally have the right to delete personal data or to restrict processing.

Please note that limited processing of the data may not be possible. You have the right to receive your personal data in a structured, standardised and machine-readable format or to request the transfer of said data to another person responsible (Art. 20 GDPR). Furthermore, you may object to the processing under the conditions of Art. 21 GDPR. We kindly request that you contact us to exercise your above-mentioned rights to objection, information, correction, deletion, data portability or restriction of processing to:

mobileup-serviceuni-potsdamde

If you believe that the processing of your personal data is unlawful, you have the right to lodge a complaint with the competent data protection supervisory authority.